I've been looking into complaints I've heard about the Google Messages RCS app. RCS of course is the fancy encrypted media-rich blah blah blah alternative to standard RCS text messages. It took years for interoperability between iOS and Android for RCS. But SMS isn't going away anytime in the foreseeable future. RCS needs a data connection to do anything, while SMS will work on virtually every cell network on the planet without a data connection being required. But still there's the big push for RCS, because marketers really, really want to send you masses of enormous media content that way. Oh goodie! In fact, Samsung announced their own SMS app will go away next month and pushes you to Android Messages instead. You won't be surprised to learn that Google's Android Messages app is full of fancy features but currently lacks crucial basic functionality that (for example) Samsung's Messages app has. For example, Android Messages can't tell you WHICH line (which SIM) of a dual-SIM phone any given text message came in on. This is critical information for many users -- the whole point of having dual SIMs is to be able to compartment two lines. That's just a single example -- the app is seriously brain dead in multiple ways when dealing with dual SIM devices. RCS will refuse to work at all if it isn't set to be THE text messages handler on an Android phone. Basically, Android doesn't want more than one app in control of text messaging at a time. The upshot of all this is that many users are foregoing RCS entirely, just not using it, and instead installing apps like Textra which provides highly customizable and advanced handling of conventional SMS and MMS messages, and yeah, users report it even tells ya' which SIM a text message came in on. It's so Google to skip crucial foundational features and concentrate on the fancy stuff instead. That's Google through and through.

#google #sms #mms #rcs #android #textra

Sniper's Nest: From Brand Impersonation to Browser Hijacking and CPA Fraud

An investigation into phishing activity targeting users across the Middle East and North Africa uncovered SniperDz, a centralized Push-Notification-as-a-Service and Phishing-as-a-Service platform. The operation uses fraudulent Facebook accounts impersonating politicians, public figures, and trusted organizations to promote fake offers including free mobile internet packages and financial compensation. Victims are redirected through trusted link-aggregation services like Linktree and Linkbio to evade detection. SniperDz provides 80 phishing templates mimicking over 30 global brands across financial services, social media, streaming, and gaming platforms. The infrastructure employs browser notification abuse, history manipulation creating a back-button prison, premium SMS subscriptions, premium-rate calls, investment scams, and affiliate marketing for monetization. Analysis revealed over 900 suspicious domains linked to shared hosting infrastructure and a recurring VAPID public key connecting multiple campai...

Pulse ID: 6a2aa0d6db4e2c52648e2ed7
Pulse Link: https://otx.alienvault.com/pulse/6a2aa0d6db4e2c52648e2ed7
Pulse Author: AlienVault
Created: 2026-06-11 11:49:42

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Africa #Browser #CyberSecurity #Facebook #InfoSec #MiddleEast #Mimic #OTX #OpenThreatExchange #Phishing #RAT #Rust #SMS #SocialMedia #bot #AlienVault

Phishing Attacks Leverage TikTok, Instagram Reels

Threat actors are exploiting short-form video platforms like TikTok and Instagram Reels to conduct social engineering attacks. Two distinct campaign methods have been identified: professional-looking fake tutorials with AI-generated voiceovers promising free premium software, and casual videos showcasing premium features to generate engagement through comments. Both approaches direct victims to malicious websites hosting infostealer malware, particularly Vidarstealer. The campaigns leverage platform algorithms through high engagement rates including saves, shares, and comments. Attackers use multiple accounts with Windows-themed branding and manipulate PowerShell commands to download malicious executables. These techniques are difficult to counter as creators can delete warning comments and platform reporting mechanisms prove ineffective. The attacks target non-technical users seeking free access to premium services like Spotify, Microsoft Office, and other software, making social media feeds an emerging p...

Pulse ID: 6a287385c06d53a7cf5a8a30
Pulse Link: https://otx.alienvault.com/pulse/6a287385c06d53a7cf5a8a30
Pulse Author: AlienVault
Created: 2026-06-09 20:11:49

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #InfoStealer #Instagram #Malware #Microsoft #MicrosoftOffice #OTX #Office #OpenThreatExchange #Phishing #PowerShell #RAT #SMS #SocialEngineering #SocialMedia #Vidar #Windows #bot #AlienVault

Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open

Two Russia-aligned campaigns continue exploiting CVE-2025-8088, a WinRAR path traversal vulnerability patched in July 2025, against Ukrainian organizations through April 2026. SHADOW-EARTH-066 deploys an evolved GIFTEDCROOK information stealer using in-memory DLL loading via direct NT system calls, harvesting browser credentials, session cookies, and documents across 35 file extensions before self-deleting. Earth Dahu employs an HTA-based infection chain delivering espionage modules through Cloudflare Workers infrastructure. Both campaigns leverage the same CVE-2025-8088 exploit but use distinct tooling: SHADOW-EARTH-066 relies on compiled C++ with RC4-encrypted C&C communication, while Earth Dahu uses script-based approaches with Dynamic DNS. The persistent exploitation nearly a year post-patch demonstrates how unmanaged software lacking centralized update mechanisms creates enduring attack surfaces that threat actors deliberately target.

Pulse ID: 6a2699c6a6badcc8eac21083
Pulse Link: https://otx.alienvault.com/pulse/6a2699c6a6badcc8eac21083
Pulse Author: AlienVault
Created: 2026-06-08 10:30:30

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CandC #Cloud #Cookies #CyberSecurity #DNS #ELF #Espionage #InfoSec #OTX #OpenThreatExchange #RAT #Russia #SMS #UK #Ukr #Ukraine #Ukrainian #Vulnerability #WinRAR #bot #AlienVault

🛠️ Title: Gearsystem
🦊️ Idea: A libre & accurate Sega Master System / Game Gear / SG-1000 emulator
🏡️ -
🐣️ https://github.com/drhelius/Gearsystem
🔖 #LinuxEmulation #Sega #sms #GameGear #SG1000
📦️ #Libre #Bin #Arch #Snap
📕️ https://lebottinlinux.vps.a-lec.org/LO.html

🥁️ Update: 3.9.9
⚗️ Signific. vers. 🦍️
📌️ Changes: https://github.com/drhelius/Gearsystem/releases
🦣️ From:
https://www.youtube.com/embed/msILWL0169g?start=168

🎮️ https://www.youtube.com/embed/donJGpnMFFQ
🎮️ https://www.youtube.com/embed/5AuKvjH4Uqs
🎮️ https://www.youtube.com/embed/iKehYUp45e0

This vulnerability on exploiting Gemini with a prompt to do whatever other action is trendemous.

The article is a bit difficult to follow at first, but then it clarifies out. It's really interesting.

https://www.safebreach.com/blog/gemini-voice-assistant-prompt-injection-exploit/
Demo: https://www.youtube.com/shorts/kjCXg9-Y99s

I'll explain in the next message.

#AI #vocal-assistant #smartphone #Android #Google #Whatsapp #SMS #exploit #vulnerability #prompt

Bei #Microsoft ist Schluss mit #2FA per SMS! ✋🏻

➡️ Wieso verzichtet Microsoft auf #SMS für die Zwei-Faktor-Authentifizierung (2FA)?

➡️ Was taugen die Alternativen #TOTP und #Passkeys?

➡️ Wie geht es weiter bei Microsoft mit 2FA?

Darüber diskutieren Andreas Von Gunten und ich 🎙️ in den aktuellen «Datenschutz-Plaudereien».

Jetzt reinhören! 🎧

https://podcast.datenschutzpartner.ch/404-microsoft-2fa-sms